Image authentication apparatus, image authentication method, and image authentication program

ABSTRACT

The present invention provides a user with a user interface that is convenient and easy to use. In a case where authentication data in an image file is MAC data, data related to the image file is displayed in the first window  301  (S 206 ). In a case where the authentication data in the image file is digital signature data, data related to the image file is displayed in the second window  301  (S 211 ).

FIELD OF THE INVENTION

[0001] The present invention relates to an apparatus for examining and authenticating alteration or non-alteration of image data in an image file.

BACKGROUND OF THE INVENTION

[0002] Currently, an image authentication system, which examines and authenticates alteration or non-alteration of image data by using Message Authentication Code (MAC) data or digital signature data corresponding to image data in an image file, is proposed. The conventional image authentication system is disclosed in, e.g., U.S. Pat. No. 5,499,294. Note herein that MAC data is obtained by processing a hash value of image data by key data that corresponds to a secret key of a symmetric key cryptography. Digital signature data is obtained by processing a hash value of image data by key data that corresponds to a private key of a public key cryptography.

[0003] However, the conventional image authentication system does not provide a user interface that is convenient and easy to use.

SUMMARY OF THE INVENTION

[0004] The present invention has been proposed in view of the above problem, and has as its object to provide a user with a user interface that is convenient and easy to use.

[0005] According to the present invention, the foregoing object is attained by providing an image authentication apparatus having control means for controlling a classifying process that classifies each image file into a group corresponding to a type of authentication data in each image file, and a displaying process including a process of displaying in display means data related to each image file in group unit.

[0006] Furthermore, the present invention provides an image authentication method comprising: a step of controlling a classifying process that classifies each image file into a group corresponding to a type of authentication data in each image file; and a step of controlling a displaying process including a process of displaying in display means data related to each image file in group unit.

[0007] Furthermore, the present invention provides an image authentication program comprising: a step of controlling a classifying process that classifies each image file into a group corresponding to a type of authentication data in each image file; and a step of controlling a displaying process including a process of displaying in display means data related to each image file in group unit.

[0008] Other features and advantages of the present invention will be apparent from the following descriptions taken in conjunction with the accompanying drawings, in which like reference characters designate the same or similar parts throughout the figures thereof.

BRIEF DESCRIPTION OF THE DRAWINGS

[0009] The accompanying drawings, which are incorporated in and constitute a part of the specification, illustrate embodiments of the invention and, together with the description, serve to explain the principles of the invention.

[0010]FIG. 1 is a block diagram showing a main construction of an image authentication system according to an embodiment of the present invention;

[0011]FIG. 2 is a flowchart describing a procedure executed in accordance with an image authentication program by an image authentication apparatus proposed by the embodiment of the present invention;

[0012]FIG. 3 shows an example of a screen displayed on a display unit; and

[0013]FIG. 4 shows an example of a file format of an image file.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT

[0014] A preferred embodiment of the present invention will now be described in detail in accordance with FIGS. 1 to 4.

[0015]FIG. 1 is a block diagram showing a main construction of an image authentication system 10 according to the embodiment of the present invention.

[0016] Referring to FIG. 1, a control unit 101 controls various functions in the image authentication system 10. Memory 102 stores various data processed by the control unit 101. A storage unit 103 is a memory storing an application program, such as an image authentication program 106 and the like. A user interface unit 104 informs the control unit 101 of a user's designation. A display unit 105 displays data supplied by the control unit 101.

[0017]FIG. 3 shows an example of a screen generated by the control unit 101 of the present embodiment in accordance with the image authentication program 106.

[0018] Referring to FIG. 3, a screen 300 displays a first window 301, a second window 302, and a third window 303. The screen 300 also displays data indicative of the total number of files displayed on the first window 301, second window 302, and third window 303.

[0019] The first window 301 displays a list of information related to an image file that belongs to a first group. The image file that belongs to the first group is an image file having MAC (Message Authentication Code) data as the authentication data for the image data. MAC data is obtained by processing a hash value of image data by key data that corresponds to a secret key of a symmetric key cryptography.

[0020] The second window 302 displays a list of information related to an image file that belongs to a second group. The image file that belongs to the second group is an image file having digital signature data as the authentication data for the image data. Digital signature data is obtained by processing a hash value of image data by key data that corresponds to a private key of a public key cryptography.

[0021] The third window 303 displays a list of information related to an image file that belongs to a third group. The image file that belongs to the third group is an image file having neither MAC data nor digital signature data as the authentication data for the image data.

[0022]FIG. 4 shows an example of a file format of an image file. The image file is constructed with a header, a body, and a footer. Note that an image file having no authentication data (a file displayed in the third window 303) has no footer, or includes a footer having no storage area for authentication data. The header includes a file name of the image, camera ID data which specifies a digital camera that has picked up the image, and thumbnail images. The “other data” includes information related to an image size (the number of pixels in the horizontal and vertical directions), the starting position and size of the body, the starting position and size of the footer, and so forth. The body stores compressed image data (JPEG-encoded image data). The “marker” in the footer is information identifying the type of the authentication data. Accordingly, it is possible to discriminate whether the authentication data is MAC data or digital signature data by examining the “marker”. The MAC data is authenticate data obtained by processing a hash value of image data by key data that corresponds to a secret key of a symmetric key cryptography. The Digital signature data is authenticate data obtained by processing a hash value of image data by key data that corresponds to a private key of a public key cryptography. It should be noted that the maker and the authenticate data may be stored in the header instead of in the footer. Furthermore, the marker and the authenticate data may be embedded in the image data using a watermark technology.

[0023]FIG. 2 is a flowchart describing one of procedures executed in accordance with the image authentication program 106 by the image authentication system proposed by this embodiment. FIG. 2 shows examination procedure executed automatically when a user selects one or more image files.

[0024] Step S201: The control unit 101 determines whether or not a user has operated the user interface unit 104 and has selected one folder or one or more files in the storage unit 103. Note that, at this time, thumbnail image, file name and camera ID, i.e., of each selected image file may be displayed. If the thumbnail image, file name or camera ID is displayed when the user selects the image files, it is possible for the user to correctly select image files which he or she want to examine and authenticate. When one folder or one or more files are selected, the control proceeds to step S202.

[0025] Step S202: The control unit 101 decides one target file from the one or more image files selected by the user.

[0026] Step S203: The control unit 101 determines whether or not authentication data in the target file is MAC data. This determination, for example, is made by examining whether or not the maker in the image file indicates MAC data. When the authentication data is MAC data, the control proceeds to step S204. When the authentication data is not MAC data, the control proceeds to step S208.

[0027] Step S204: The control unit 101 classifies the target file into the first group.

[0028] Step S205: The control unit 101 examines and authenticates alteration or non-alteration of the image data using the image data in the target file and MAC data in the target file. For example, the control unit 101 compares data, which is obtained by converting the MAC data by predetermined common key data, with a hash value calculated based on the image data (body), thereby performing authentication. If a match is found, the control unit 101 determines non-alteration of the image, but if a match is not found, the control unit 101 determines alteration of the image.

[0029] Step S206: The control unit 101 displays altogether in the first window 301, thumbnail images of the target file, a file name, a camera ID indicative of a unique identifier of the digital camera that has generated the target file, and the result of authentication indicative of whether or not the image data in the target file has been altered.

[0030] Step S207: The control unit 101 displays the total number of image files that belong to the first group in the first window 301, and displays the total number of image files that belong to the first to third groups in the screen 300.

[0031] Step S208: The control unit 101 determines whether or not the authentication data in the target file is digital signature data. When the authentication data is digital signature data, the control proceeds to step S209. When the authentication data is not digital signature data (including in a case where authentication data is not in the target file), the control proceeds to step S213.

[0032] Step S209: The control unit 101 classifies the target file into the second group.

[0033] Step S210: The control unit 101 examines and authenticates alteration or non-alteration of the image data using the image data in the target file and the digital signature data corresponding to the image data. For example, the control unit 101 compares data, which is obtained by converting the digital signature data in the target image file by predetermined common key data that corresponds to key data of a common key of a public key cryptography, with a hash value calculated based on the image data (body), thereby performing authentication. If a match is found, the control unit 101 determines non-alteration of the image, but if a match is not found, the control unit 101 determines alteration of the image.

[0034] Step S211: The control unit 101 displays altogether in the second window 302, thumbnail images of the target file, a file name, a camera ID indicative of a unique identifier of the digital camera that has generated the target file, and the result of authentication indicative of whether or not the image data in the target file has been altered.

[0035] Step S212: The control unit 101 displays the total number of image files that belong to the second group in the second window 302, and displays the total number of image files that belong to the first to third groups in the screen 300.

[0036] Step S213: The control unit 101 classifies the target file into the third group.

[0037] Step S214: The control unit 101 displays altogether in the third window shown in FIG. 3, thumbnail images of the target file, a file name and so forth.

[0038] Step S215: The control unit 101 displays the total number of image files that belong to the third group in the third window 303, and displays the total number of image files that belong to the first to third groups in the screen 300.

[0039] Step S216: The control unit 101 determines whether or not there is an image file that has yet to be processed. If YES, the control returns to step S201.

[0040] As described above, according to the image authentication system 10 of the present embodiment, it is possible to classify an image file designated by a user in accordance with the type of authentication data in the image file, and display the information related to the image file altogether in a window provided for each group. Accordingly, the user can easily be informed of the type of authentication data in each image file.

[0041] Furthermore, according to the image authentication system 10 of the present embodiment, it is possible to display thumbnail images of the image file selected by a user, a file name, a camera ID, and the authentication result altogether. Therefore, the user can instantly be informed of the information related to the selected image file.

[0042] Accordingly, the present invention can provide a user with a user interface that is convenient and easy to use.

[0043] The present invention is not limited to the above embodiment and various changes and modifications can be made within the spirit and scope of the present invention. Therefore, to apprise the public of the scope of the present invention, the following claims are made. 

What is claimed is:
 1. An image authentication apparatus having control means for controlling a classifying process that classifies each image file into a group corresponding to a type of authentication data in each image file, and a displaying process including a process of displaying in display means data related to each image file in group unit.
 2. The image authentication apparatus according to claim 1, wherein the classifying process is targeted to a file existing in a folder selected by a user, or a file selected by a user.
 3. The image authentication apparatus according to claim 1, wherein in the classifying process, an image file associated with authentication data generated by using a private key cryptosystem or a compression function is classified into a first group, and an image file associated with authentication data generated by using a public key cryptography is classified into a second group.
 4. The image authentication apparatus according to claim 1, wherein the displaying process further includes at least one of a process of displaying in the display means a total number of image files that belong to one group, and a process of displaying in the display means a total number of image files that belong to all groups.
 5. An image authentication method comprising: a step of controlling a classifying process that classifies each image file into a group corresponding to a type of authentication data in each image file; and a step of controlling a displaying process including a process of displaying in display means data related to each image file in group unit.
 6. The image authentication method according to claim 5, wherein the classifying process is targeted to a file existing in a folder selected by a user, or a file selected by a user.
 7. The image authentication method according to claim 5, wherein in the classifying process, an image file associated with authentication data generated by using a private key cryptosystem or a compression function is classified into a first group, and an image file associated with authentication data generated by using a public key cryptography is classified into a second group.
 8. The image authentication method according to claim 5, wherein the displaying process further includes at least one of a process of displaying in the display means a total number of image files that belong to one group, and a process of displaying in the display means a total number of image files that belong to all groups.
 9. An image authentication program comprising: a step of controlling a classifying process that classifies each image file into a group corresponding to a type of authentication data in each image file; and a step of controlling a displaying process including a process of displaying in display means data related to each image file in group unit.
 10. The image authentication program according to claim 9, wherein the classifying process is targeted to a file existing in a folder selected by a user, or a file selected by a user.
 11. The image authentication program according to claim 9, wherein in the classifying process, an image file associated with authentication data generated by using a private key cryptosystem or a compression function is classified into a first group, and an image file associated with authentication data generated by using a public key cryptography is classified into a second group.
 12. The image authentication program according to claim 9, wherein the displaying process further includes at least one of a process of displaying in the display means a total number of image files that belong to one group, and a process of displaying in the display means a total number of image files that belong to all groups.
 13. An image authentication apparatus for examining and authenticating whether or not an image file has been altered, comprising: classifying means for determining a type of alteration authentication data in each of a plurality of image files stored in predetermined storage means, and classifying the plurality of image files into a plurality of groups based on the type of authentication data; alteration authenticating means for examining and authenticating whether or not each of the image files classified into respective groups is altered based on respective authentication data; and display control means for displaying in group unit an authentication result of the alteration authentication data.
 14. The image authentication apparatus according to claim 13, wherein said classifying means also classifies an image file which does not have alteration authentication data.
 15. The image authentication apparatus according to claim 13, wherein a target displayed by said display control means includes a thumbnail image of each image file.
 16. A control method of an image authentication apparatus which examines and authenticates whether or not an image file has been altered, comprising: a classifying step of determining a type of alteration authentication data in each of a plurality of image files stored in predetermined storage means, and classifying the plurality of image files into a plurality of groups based on the type of authentication data; an alteration authenticating step of examining and authenticating whether or not each of the image files classified into respective groups is altered based on respective authentication data; and a display control step of displaying in group unit an authentication result of the alteration authentication data.
 17. A computer program functioning as an image authentication apparatus, which examines and authenticates whether or not an image file has been altered, by being read and executed by a computer, said program functions as: classifying means for determining a type of alteration authentication data in each of a plurality of image files stored in predetermined storage means, and classifying the plurality of image files into a plurality of groups based on the type of authentication data; alteration authenticating means for examining and authenticating whether or not each of the image files classified into respective groups is altered based on respective authentication data; and display control means for displaying in group unit an authentication result of the alteration authentication data.
 18. A computer-readable storage medium storing the computer program described in claim
 13. 